CVE-2020-26807

Опубликовано: 10 нояб. 2020

Источник: nvd

CVSS3: 4.4

CVSS3: 3.3

CVSS2: 2.1

EPSS Низкий

Описание

SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem permissions are set in its installation folder which allows anyone to modify the files in the folder.

Ссылки

https://launchpad.support.sap.com/#/notes/2971112
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2971112
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:erp_client_for_e-bilanz:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00031

Низкий

4.4 Medium

CVSS3

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-276

Связанные уязвимости

GHSA-wrjq-fhgm-m346

github

больше 3 лет назад

SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem permissions are set in its installation folder which allows anyone to modify the files in the folder.

EPSS

Процентиль: 8%

0.00031

Низкий

4.4 Medium

CVSS3

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-276